<?php
session_start();
// if ($_SESSION["level"] == null) header("location:login.php");

include 'config.php';
include 'db_connection.php';

// POST dispatcher: every handler below is selected purely by the presence of a
// form field in $_POST. The checks are independent `if`s (not an else-if chain),
// so a single request that carries several of these fields runs several handlers,
// in the order listed here.
// NOTE(review): nothing in this dispatcher verifies that the caller is logged in
// (the session-level redirect near the top of the file is commented out) and no
// anti-CSRF token is checked, so any authorization has to happen inside the
// individual handler. Confirm each state-changing handler enforces it.
if (isset($_POST['id'])) {
// Intentionally a no-op: the showRequests() call was disabled.
//    showRequests();
}
if(isset($_POST['Login'])) {
  loginUser();
}
if(isset($_POST['submit_new_user'])) {
  createUser();
}
if (isset($_POST['con_id'])) {
  deleteContact();
}

if (isset($_POST['contact_id'])) {
  editContact();
}

if (isset($_POST['req_id'])) {
  editRequest();
}

if (isset($_POST['reqi_id'])) {
  deleteRequest();
}

if (isset($_POST['con_name'])) {
  addContact();
}

// NOTE(review): 'status' and 'pat_id' are generic field names that trigger bulk
// deletes (deleteAllRequests / deleteAllPatients); a form that posts a field with
// one of these names for another purpose would also reach the delete handler.
if (isset($_POST['status'])) {
  deleteAllRequests();
}

if (isset($_POST['req_name'])) {
  addRequest();
}
if (isset($_POST['delete_id'])) {
  deletePatient();
}
if (isset($_POST['pat_id'])) {
  deleteAllPatients();
}
if (isset($_POST['submit_change_pass'])) {
  changePassword();
}
if (isset($_POST['patient_id'])) {
  editPatient();
}
// checkSpam() is not defined in the visible part of this file.
if (isset($_POST['sendmail'])) {
  checkSpam();
}

// Placeholder with an empty body: calling it does nothing and returns null.
// No caller is visible in this part of the file.
function showHistory() {
  
}

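// Echo the filter table shown with the request list.
//
// $statuses is copied into the "req" query parameter of every unit link.
// The unit row is only printed for the "admin" and "user" session levels; the
// status row is printed for everyone.
//
// Every value that reaches the page (the $statuses argument and the values read
// from REQUESTS) is now HTML-escaped for text/attribute context and URL-encoded
// inside query strings; previously they were echoed raw, so a stored value or a
// crafted "req" parameter containing markup was rendered as markup.
// Assumes the pages are served as UTF-8 — confirm against the site's charset.
function showFilters($statuses) {
  $med_unit = mysql_query("SELECT DISTINCT med_unit FROM REQUESTS");
  $doc_name = mysql_query("SELECT DISTINCT doc_name FROM REQUESTS");
  $status = mysql_query("SELECT DISTINCT status FROM REQUESTS");
  // The date_received / date_approved lookups were dropped: their results were
  // never read.

  $req = urlencode((string) $statuses);

  echo "<table id=\"filters\">
	<th><b>Επιλέξτε φίλτρο</b></th>";
  if ($_SESSION['level'] == "admin" || $_SESSION['level'] == "user") {
    echo "<tr><td>Μονάδα:</td>";
    while ($rows = mysql_fetch_array($med_unit)) {
      $text = htmlspecialchars((string) $rows[0], ENT_QUOTES, 'UTF-8');
      $link = urlencode((string) $rows[0]);
      echo "<td id=\"$text\" class=\"filter\"><a href=\"showrequest.php?req=$req&filter=$link\">";
      echo $text;
      echo "</a></td>";
    }
    echo "</tr>";
  }//end of if

  // NOTE(review): the doctor list below is emitted inside an HTML comment. It is
  // not displayed, but it is still sent to every caller regardless of level.
  // Escaping also keeps a stored value from closing the comment early.
  echo "<!--<tr class=\"datacelltwo\">
	    <td>Ιατρός:</td>
	      <td><select style=\"width: 100px;\">
		<option>Επιλέξτε...</option>";
  while ($rows = mysql_fetch_array($doc_name)) {
    $text = htmlspecialchars((string) $rows[0], ENT_QUOTES, 'UTF-8');
    echo "<option value=\"$text\" class=\"filter\">$text</option>\n";
  }
  echo " </select></td></tr>
	  <tr class=\"datacellone\">
	    <td>Ημερ/νία Παραλαβής:</td>
	  </tr>
	  <tr class=\"datacelltwo\">
	    <td>Ημερ/νία Έγκρισης:</td>
	  </tr> -->
	  <tr>
	    <td>Κατάσταση:";
  while ($rows = mysql_fetch_array($status)) {
    $text = htmlspecialchars((string) $rows[0], ENT_QUOTES, 'UTF-8');
    $link = urlencode((string) $rows[0]);
    echo "<td id=\"$text\" class=\"filter\"><a href=\"showrequest.php?req=$link\">";
    echo $text;
    echo "</a></td>";
  }
  echo "</td>
	  </tr>

      </table>";
}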

// helper function for showFiltersOnomastiko
// Map a unit's short (latin) key to the display name used in the PATIENTS and
// REQUESTS tables. Returns null when the key is not one of the eight known units.
function unitRename($unit) {
  // switch compares loosely (==), the same way the original if/else chain did.
  switch ($unit) {
    case "geniki":
      return "GENIKI KLINIKI";
    case "kianous":
      return "KIANOUS STAVROS";
    case "arogi":
      return "AROGI";
    case "kentriki":
      return "KENTRIKI KLINIKI";
    case "arogi_larisa":
      return "AROGI THESSALIAS";
    case "theotokos":
      return "THEOTOKOS";
    case "zoodochos":
      return "ZOODOCHOS PIGI";
    case "rhodes":
      return "DODECANESE";
  }
}

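// Helper for showFiltersOnomastiko: echo one <td> filter link per row of $result.
//   $result    mysql result whose first column is the filter value
//   $field     literal value for the "field" query parameter (caller-supplied constant)
//   $wrapEvery start a new table row after this many cells (0 = never)
//   $rename    when true, pass the value through unitRename() first
// The value is HTML-escaped for the id attributes and link text and URL-encoded
// inside the query string, so stored data cannot inject markup into the page.
// Assumes the pages are served as UTF-8 — confirm against the site's charset.
function onomastikoFilterCells($result, $field, $wrapEvery = 0, $rename = false) {
  $i = 0;
  while ($rows = mysql_fetch_array($result)) {
    if ($wrapEvery > 0 && $i != 0 && $i % $wrapEvery == 0) { echo "<tr><td></td>"; }
    $value = (string) ($rename ? unitRename($rows[0]) : $rows[0]);
    $text = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    $link = urlencode($value);
    echo "\n<td id=\"$text\" class=\"filter\"><a href=\"onomastikodaily.php?field=$field&filter=$link\" id=\"link-$text\">";
    echo $text;
    echo "</a></td>";
    $i++;
  }
}

// Echo the filter table for the daily patient list (onomastikodaily.php).
//
// "admin" and "user" session levels get every filter row (unit, hotel,
// outpatient_of, status, flight date, location); any other level only gets the
// hotel and flight-date rows. The $field argument is accepted but not used.
//
// Changes from the previous version:
//  - values read from the database are escaped before being echoed;
//  - in the restricted branch the row wrap now happens every 10 cells, as in the
//    admin branch (the hotel row wrapped only once, and the flight-date counter
//    was never incremented so that row never wrapped);
//  - the four lookups used only by the admin/user table are no longer run for
//    other levels.
function showFiltersOnomastiko($field) {
  $hotel = mysql_query("SELECT DISTINCT unit FROM PATIENTS WHERE 
			(status='PATIENT' AND outpatient_of<>'-' AND location<>'LIBYA') OR 
			(status='ATTENDANT' AND unit<>'AROGI' AND location<>'LIBYA')");
  $dates = mysql_query("SELECT DISTINCT date_of_flight FROM PATIENTS");
  if($_SESSION['level'] == "admin" || $_SESSION['level'] == "user") {
    $unit = mysql_query("SELECT DISTINCT latin_name FROM UNITS");
    $outpatient_of = mysql_query("SELECT DISTINCT outpatient_of FROM PATIENTS");
    $status = mysql_query("SELECT DISTINCT status FROM PATIENTS");
    $location = mysql_query("SELECT DISTINCT location FROM PATIENTS");

    echo "<table id=\"filters\">
	  <tr><th>Επιλέξτε φίλτρο</th></tr>
	  <tr><td><a href=\"onomastikodaily.php\" style=\"color:red;\">Αφαιρέστε όλα τα φίλτρα</a></td></tr>
	    <tr class=\"datacellone\">
	      <td>Μονάδα:</td>";
    onomastikoFilterCells($unit, 'unit', 0, true);
    echo "</tr>
	    <tr class=\"datacelltwo\">
	      <td>Ξενοδοχείο:</td>";
    onomastikoFilterCells($hotel, 'unit', 10);
    echo "</td></tr>
	    <tr class=\"datacelltwo\">
	      <td>Outpatient of:</td>";
    onomastikoFilterCells($outpatient_of, 'outpatient_of');
    echo "</tr>
	    <tr class=\"datacellone\">
	      <td>Κατάσταση:</td>";
    onomastikoFilterCells($status, 'status');
    echo "</tr>
	    <tr class=\"datacelltwo\">
	      <td>Ημερομηνία Πτήσης:</td>";
    onomastikoFilterCells($dates, 'date_of_flight', 10);
    echo "</tr>
	    <tr class=\"datacelltwo\">
	      <td>Τοποθεσία:</td>";
    onomastikoFilterCells($location, 'location');
    echo "</td>
	    </tr>

	</table>";
  }
  else {
    echo "<table id=\"filters\">
	  <tr><th>Επιλέξτε φίλτρο</th></tr>
	  <tr><td><a href=\"onomastikodaily.php\" style=\"color:red;\">Αφαιρέστε όλα τα φίλτρα</a></td></tr>
	    <tr class=\"datacelltwo\">
	      <td>Ξενοδοχείο:</td>";
    onomastikoFilterCells($hotel, 'unit', 10);
    echo "</tr>
	    <tr class=\"datacellone\">
	      <td>Ημερ. Πτήσης:</td>";
    onomastikoFilterCells($dates, 'date_of_flight', 10);
    echo "</td></tr></table>";
  }
}// end of showFiltersOnomastiko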

/*
function showFiltersOnomastiko($field) {
  $unit = mysql_query("SELECT DISTINCT latin_name FROM UNITS");
  $hotel = mysql_query("SELECT DISTINCT name FROM HOTELS");
  $outpatient_of = mysql_query("SELECT DISTINCT outpatient_of FROM PATIENTS");
  $status = mysql_query("SELECT DISTINCT status FROM PATIENTS");
  $location = mysql_query("SELECT DISTINCT location FROM PATIENTS");

  echo "<table id=\"filters\">
	<th><td><b>Επιλέξτε φίλτρο</b></td></th>
	  <tr class=\"datacellone1\">
	    <td>Μονάδα:</td>";
	      while ($rows=mysql_fetch_array($unit)){
		$row = unitRename($rows[0]);
		echo "\n<td id=\"$row\" class=\"filter\"><a href=\"onomastikodaily.php?field=unit&filter=$row\">";
		echo $row;
		echo "</a></td>";
	      }
  echo "</tr>
	  <tr class=\"datacelltwo2\">
	    <td>Ξενοδοχείο:</td>";
	      while ($rows=mysql_fetch_array($hotel)){
		echo "\n<td id=\"$rows[0]\" class=\"filter\"><a href=\"onomastikodaily.php?field=unit&filter=$rows[0]\">";
		echo $rows[0];
		echo "</a></td>";
	      }
  echo "</tr>
	  <tr class=\"datacellone1\">
	    <td>Outpatient of:";
	    while ($rows=mysql_fetch_array($outpatient_of)){
		echo "\n<td id=\"$rows[0]\" class=\"filter\"><a href=\"onomastikodaily.php?field=outpatient_of&filter=$rows[0]\">";
	      echo $rows[0];
	      echo "</a></td>";
	    } 
  echo "</tr>
	  <tr class=\"datacelltwo2\">
	    <td>Κατάσταση:";
	    while ($rows=mysql_fetch_array($status)){
		echo "\n<td id=\"$rows[0]\" class=\"filter\"><a href=\"onomastikodaily.php?field=status&filter=$rows[0]\">";
	      echo $rows[0];
	      echo "</a></td>";
	    } 
  echo "</tr>
	  <tr class=\"datacellone1\">
	    <td>Τοποθεσία:";
	    while ($rows=mysql_fetch_array($location)){
		echo "\n<td id=\"$rows[0]\" class=\"filter\"><a href=\"onomastikodaily.php?field=location&filter=$rows[0]\">";
	      echo $rows[0];
	      echo "</a></td>";
	    } 
  echo "</td>
	  </tr>

      </table>";
}// end of showFiltersOnomastiko
*/
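// Insert a row into CONTACTS from the posted "add contact" form.
// Does nothing unless the session level is "admin" and con_name is non-empty.
//
// Every posted value is passed through mysql_real_escape_string() before it is
// placed in the statement; previously the raw $_POST values were interpolated,
// which allowed SQL injection. Missing fields are stored as empty strings.
// NOTE(review): the legacy mysql_* API has no prepared statements; moving to
// mysqli/PDO with bound parameters is the durable fix.
// NOTE(review): on failure the database error text is sent to the client.
function addContact() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  if (empty($_POST['con_name'])) return;

  // POST field names, in the column order of the INSERT below.
  $fields = array('con_name', 'tel1', 'tel2', 'cell', 'email', 'unit', 'location');
  $values = array();
  foreach ($fields as $key) {
    $raw = isset($_POST[$key]) ? (string) $_POST[$key] : '';
    $values[] = "'" . mysql_real_escape_string($raw) . "'";
  }

  $query = mysql_query("INSERT INTO CONTACTS (name, phone_num_1, phone_num_2, mobile_num, email, unit, location) 
			  VALUES (" . implode(', ', $values) . ")");

  if (!$query) {
    die('Invalid INSERT query: ' . mysql_error());
  }
}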

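// Update one CONTACTS row (selected by the posted contact_id) from the posted
// edit form. Does nothing unless the session level is "admin" and contact_id is
// non-empty.
//
// All posted values, including contact_id, are escaped with
// mysql_real_escape_string() before use; the raw interpolation used before
// allowed SQL injection. A failed UPDATE is now reported the same way the
// sibling handlers report failures instead of being ignored.
// NOTE(review): on failure the database error text is sent to the client.
function editContact() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  if (empty($_POST['contact_id'])) return;

  // For this form the POST field names equal the column names.
  $columns = array('name', 'phone_num_1', 'phone_num_2', 'mobile_num', 'email', 'unit');
  $assignments = array();
  foreach ($columns as $column) {
    $raw = isset($_POST[$column]) ? (string) $_POST[$column] : '';
    $assignments[] = $column . "='" . mysql_real_escape_string($raw) . "'";
  }
  $con_id = mysql_real_escape_string((string) $_POST['contact_id']);

  $query = mysql_query("UPDATE CONTACTS SET " . implode(', ', $assignments) . " WHERE con_id='$con_id'");
  if (!$query) {
    die('Invalid UPDATE query: ' . mysql_error());
  }
}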

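// Delete the CONTACTS row whose con_id was posted. Admin session level only.
// The id is escaped before it is placed in the statement (it was interpolated
// raw, which allowed SQL injection).
// NOTE(review): on failure the database error text is sent to the client.
function deleteContact() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  $con_id = mysql_real_escape_string(isset($_POST['con_id']) ? (string) $_POST['con_id'] : '');
  $query = mysql_query("DELETE FROM CONTACTS WHERE con_id='$con_id'");
  if (!$query) {
    die('Invalid DELETE query: ' . mysql_error());
  }
}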

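// Insert a row into REQUESTS from the posted "add request" form.
// Does nothing unless the session level is "admin" and req_name is non-empty.
//
// Posted values are escaped with mysql_real_escape_string() before use (raw
// interpolation allowed SQL injection), missing fields become empty strings,
// and the failure message now says INSERT rather than DELETE.
// NOTE(review): on failure the database error text is sent to the client.
function addRequest() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  if (empty($_POST['req_name'])) return;

  // column => POST field that supplies it, in the column order of the INSERT.
  $source = array(
    'name' => 'req_name',
    'pass_num' => 'pass_num',
    'med_unit' => 'clinic',
    'addm_num' => 'addm_num',
    'pat_code' => 'pat_code',
    'doc_name' => 'doctor',
    'request' => 'request',
    'est_cost' => 'est_cost',
    'status' => 'category',
    'notes' => 'notes',
    'date_received' => 'date_received',
    'date_approved' => 'date_approved',
  );
  $values = array();
  foreach ($source as $column => $key) {
    $raw = isset($_POST[$key]) ? (string) $_POST[$key] : '';
    $values[] = "'" . mysql_real_escape_string($raw) . "'";
  }

  $query = mysql_query("INSERT INTO REQUESTS (" . implode(', ', array_keys($source)) . ") 
 			  VALUES (" . implode(', ', $values) . ")");

  if (!$query) {
    die('Invalid INSERT query: ' . mysql_error());
  }
}//end of addRequest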

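// Update one REQUESTS row (selected by the posted req_id) from the posted edit
// form. Does nothing unless the session level is "admin" and req_id is non-empty.
//
// Fixes:
//  - posted values are escaped with mysql_real_escape_string() (raw
//    interpolation allowed SQL injection);
//  - the WHERE clause compared req_id with the id followed by a stray ';'
//    inside the quotes; it now compares with the id itself;
//  - a failed UPDATE is reported like the sibling handlers do instead of being
//    ignored.
// NOTE(review): on failure the database error text is sent to the client.
function editRequest() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  if (empty($_POST['req_id'])) return;

  // column => POST field that supplies it.
  $source = array(
    'name' => 'name',
    'pass_num' => 'pass_num',
    'med_unit' => 'med_unit',
    'addm_num' => 'addm_num',
    'pat_code' => 'pat_code',
    'doc_name' => 'doc_name',
    'request' => 'request',
    'est_cost' => 'est_cost',
    'date_received' => 'date_received',
    'date_approved' => 'date_approved',
    'notes' => 'notes',
    'status' => 'status_input',
  );
  $assignments = array();
  foreach ($source as $column => $key) {
    $raw = isset($_POST[$key]) ? (string) $_POST[$key] : '';
    $assignments[] = $column . "='" . mysql_real_escape_string($raw) . "'";
  }
  $req_id = mysql_real_escape_string((string) $_POST['req_id']);

  $query = mysql_query("UPDATE REQUESTS SET " . implode(', ', $assignments) . " WHERE req_id='$req_id'");
  if (!$query) {
    die('Invalid UPDATE query: ' . mysql_error());
  }
}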

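// Delete the REQUESTS row whose id was posted as reqi_id. Admin session level
// only. The id is escaped before it is placed in the statement (it was
// interpolated raw, which allowed SQL injection).
// NOTE(review): on failure the database error text is sent to the client.
function deleteRequest() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  $req_id = mysql_real_escape_string(isset($_POST['reqi_id']) ? (string) $_POST['reqi_id'] : '');
  $query = mysql_query("DELETE FROM REQUESTS WHERE req_id='$req_id'");
  if (!$query) {
    die('Invalid DELETE query: ' . mysql_error());
  }
}// end of deleteRequest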

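// Delete every REQUESTS row whose status equals the posted "status" value.
// Admin session level only.
// The value is escaped and quoted with single quotes (it was interpolated raw
// inside double quotes, which allowed SQL injection).
// NOTE(review): this is a bulk delete keyed on a generic field name; confirm
// the calling form is the only one that posts "status".
// NOTE(review): on failure the database error text is sent to the client.
function deleteAllRequests() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  $status = mysql_real_escape_string(isset($_POST['status']) ? (string) $_POST['status'] : '');
  $query = mysql_query("DELETE FROM REQUESTS WHERE status = '$status'");
  if (!$query) {
    die('Invalid DELETE query: ' . mysql_error());
  }
}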

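// Delete the PATIENTS row whose id was posted as delete_id. Admin session level
// only. The id is escaped before it is placed in the statement (it was
// interpolated raw, which allowed SQL injection).
// NOTE(review): on failure the database error text is sent to the client.
function deletePatient() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  $pat_id = mysql_real_escape_string(isset($_POST['delete_id']) ? (string) $_POST['delete_id'] : '');
  $query = mysql_query("DELETE FROM PATIENTS WHERE pat_id='$pat_id'");
  if (!$query) {
    die('Invalid DELETE query: ' . mysql_error());
  }
}// end of deletePatient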

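// Bulk-delete patients. Admin session level only.
// Despite its name, the posted "pat_id" field carries a unit name: when it is
// non-empty only that unit's patients are deleted, when it is empty the whole
// PATIENTS table is emptied.
// The unit is escaped and single-quoted before use (it was interpolated raw
// inside double quotes, which allowed SQL injection).
// NOTE(review): an empty value wipes every patient row; confirm that callers
// cannot send an empty pat_id by accident.
// NOTE(review): on failure the database error text is sent to the client.
function deleteAllPatients() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;
  $unit = isset($_POST['pat_id']) ? $_POST['pat_id'] : null;
  if ($unit != null) {
    $unit_sql = mysql_real_escape_string((string) $unit);
    $query = mysql_query("DELETE FROM PATIENTS WHERE unit='$unit_sql'");
  }
  else {
    $query = mysql_query("DELETE FROM PATIENTS");
  }
  if (!$query) {
    die('Invalid DELETE query: ' . mysql_error());
  }
}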

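// Print the header row and one table row per request with the given status,
// followed by the total estimated cost, and return the row counter (number of
// rows printed + 1).
//
//   $status  request status to list; also echoed into the header links
//   $filter  optional med_unit to restrict to (ignored for the "clinic" level,
//            which is always restricted to its own department)
//
// "admin" additionally gets Drop/Edit columns and a Status column; "approved"
// and "rejected" lists get a PDF link column.
//
// Fixes:
//  - $status, $filter and the session department are escaped with
//    mysql_real_escape_string() before they enter the SELECT (they were
//    interpolated raw, which allowed SQL injection);
//  - every value echoed into the page is HTML-escaped, and the previously
//    unquoted value= attribute is quoted (stored data was echoed raw);
//  - a session level other than admin/user/clinic now prints an empty list
//    instead of reading an undefined result variable.
// Assumes the pages are served as UTF-8 — confirm against the site's charset.
// NOTE(review): the PDF link points at a static path built from the request id;
// whether the web server restricts ./files/requests/ per user cannot be seen
// from here — confirm a clinic account cannot fetch another unit's PDF by id.
function showRequests($status, $filter) {
    $level = isset($_SESSION['level']) ? $_SESSION['level'] : null;
    $sql_status = mysql_real_escape_string((string) $status);
    $url_status = urlencode((string) $status);
    $where = null;
    $result = false;

    print("<br>");
    print("<tr class=\"bold\">");
    if ($level == 'admin' || $level == 'user') {
      if ($level == 'admin') {
	print("<th>Drop</th>");
	print("<th>Edit</th>");
      }
      $where = "status='$sql_status'";
      if ($filter != null) {
	$where .= " AND med_unit = '" . mysql_real_escape_string((string) $filter) . "'";
      }
    }
    else if ($level == 'clinic') {
      $department = mysql_real_escape_string((string) unitRename($_SESSION['department']));
      $where = "status='$sql_status' AND med_unit='$department'";
    }
    if ($where !== null) {
      $result = mysql_query("SELECT * FROM REQUESTS WHERE $where ORDER BY med_unit ASC; ");
    }

    $has_pdf = ($status == "approved" || $status == "rejected");
    if ($has_pdf) {
     print("<th id=\"pdf\">PDF</th>");
    }
    // The "ahref" attribute name is kept as it was: these header links are inert.
    print("<th id=\"sn\"><a ahref=\"showrequest.php?req=$url_status&filter=req_id\">Α/Α</a></th>
	    <th id=\"ID\"><a ahref=\"showrequest.php?req=$url_status&filter=req_id\">ID</a></th>
	    <th id=\"name\"><a ahref=\"showrequest.php?req=$url_status&filter=name\">Full Name</a></th>
	    <th id=\"pass_num\"><a ahref=\"showrequest.php?req=$url_status&filter=pass_num\">Passport</a></th>
	    <th id=\"med_unit\"><a ahref=\"showrequest.php?req=$url_status&filter=med_unit\">Unit</a></th>
	    <th id=\"addm_num\"><a ahref=\"showrequest.php?req=$url_status&filter=addm_num\">Intake No.</a></th>
	    <th id=\"pat_code\"><a ahref=\"showrequest.php?req=$url_status&filter=pat_code\">Patient Code</a></th>
	    <th id=\"doc_name\"><a ahref=\"showrequest.php?req=$url_status&filter=doc_name\">Doctor in Charge</a></th>
	    <th id=\"request\"><a ahref=\"showrequest.php?req=$url_status&filter=request\">Request</a></th>
	    <th id=\"est_cost\"><a ahref=\"showrequest.php?req=$url_status&filter=est_cost\">Est. Cost</a></th>
	    <th id=\"date_received\"><a ahref=\"showrequest.php?req=$url_status&filter=date_received\">Date Received</a></th>
	    <th id=\"date_approved\"><a ahref=\"showrequest.php?req=$url_status&filter=date_approved\">Date Approved</a></th>
	    <th id=\"notes\"><a ahref=\"showrequest.php?req=$url_status&filter=notes\">Notes</a></th>");
    if ($level == "admin") {
      // Admin sees one more column (status) than the other levels.
      $limit = 13;
      print("<th id=\"notes\"><a ahref=\"showrequest.php?req=$url_status&filter=status\">Status</a></th></tr>");
    }
    else {
      $limit = 12;
      print("</tr>");
    }

    $count = 1;
    $sum = 0;
    while ($result && ($rows = mysql_fetch_array($result))) {
      // Running total of the estimated cost (column index 8 of SELECT *).
      $sum += $rows[8];
      $id = htmlspecialchars((string) $rows['req_id'], ENT_QUOTES, 'UTF-8');
      $first = htmlspecialchars((string) $rows[0], ENT_QUOTES, 'UTF-8');
      // mysql_fetch_array() returns each column twice (numeric key, then name),
      // so the name of column $i sits at position $i*2+1 of the key list.
      $array = array_keys($rows);
      $color = ($count % 2 == 0) ? "datacellone" : "datacelltwo";

      if ($level == "admin"){
	print("<span class=\"delete_btn\"><tr id=\"$id\" class=\"$color edit_tr\">\n");
	print("<td id=\"del-btn-$first\"><img src=\"./files/img/b_drop.png\"><input type=\"text\" name=\"checkbox[]\" value=\"$first\" id=\"$count\" class=\"editbox\" /></td>\n");
 	print("<td id=\"edit-btn-$first\"><img src=\"./files/img/b_edit.png\"></td>\n");
      }
      else {
	print("<tr class=\"$color no_edit_tr\">\n");
      }
      if ($has_pdf) {
	print("<td id=\"pdf-$id\" class=\"pdf\"><a href=\"./files/requests/$id.pdf\" target=\"_blank\"><img src=\"./files/img/pdf.jpg\"></a></td>\n");
      }
      print("<td><span id=\"serial-number-$id\" class=\"sn\">$count</span></td>\n");
      for ($i = 0; $i < $limit; $i++) {
	$temp = $array[$i*2+1];
	$cell = htmlspecialchars((string) $rows[$i], ENT_QUOTES, 'UTF-8');
	print("<td id=\"\">");
	print("<span id=\"$temp-$id\" class=\"text\">$cell</span>");
	print("<input type=\"text\" value=\"$cell\" class=\"editbox\" id=\"$temp-input-$id\" size=4 /></td>\n");
      }//end of for

      $count++;
      print("</tr>\n");
    }//end of while
    print("<h2><p style=\"color:red;\">Total estimated cost: $sum</p></h2><br>");
    return $count;
}//end of showRequests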

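// Print the header row and one table row per patient for the daily list, and
// return the row counter (number of rows printed + 1).
//
//   $field   column to filter on (only used together with $filter)
//   $filter  value the column must equal; null/empty means "no filter"
//
// Query scope per session level, unchanged from before:
//   admin/user  no filter: everyone whose location does not contain LIBYA;
//               with filter: rows matching the filter only
//   clinic      always restricted to the session department (as unit or
//               outpatient_of) and to non-LIBYA locations, plus the filter
//
// Fixes:
//  - $field was interpolated as a raw column name and $filter as a raw value,
//    which allowed SQL injection; $field must now be one of the columns this
//    query selects (otherwise the filter is ignored) and $filter and the
//    department are escaped with mysql_real_escape_string();
//  - every value echoed into the page is HTML-escaped and the unquoted value=
//    attribute is quoted;
//  - the stray debug print in the admin branch is gone;
//  - the header links referenced an undefined $status variable, which always
//    rendered as empty; the empty value is now written literally;
//  - an unknown session level prints an empty list instead of reading an
//    undefined result variable.
// Assumes the pages are served as UTF-8 — confirm against the site's charset.
function showOnomastikoDaily($field, $filter) {
    $level = isset($_SESSION['level']) ? $_SESSION['level'] : null;
    $columns = "name, pass_num, dob, unit, location, outpatient_of, status, date_of_flight, visa_expiration, departed, notes, pat_id";
    // Identifiers cannot be escaped like values, so only known column names pass.
    $filterable = array('name', 'pass_num', 'dob', 'unit', 'location', 'outpatient_of', 'status', 'date_of_flight', 'visa_expiration', 'departed', 'notes', 'pat_id');
    $filter_sql = null;
    if ($filter != null && in_array($field, $filterable, true)) {
      $filter_sql = "$field='" . mysql_real_escape_string((string) $filter) . "'";
    }
    $not_libya = "location NOT LIKE'%LIBYA%'";
    $where = null;
    $result = false;

    print("<br>");
    print("<tr class=\"bold\">");
    if ($level == 'admin' || $level == 'user') {
      if ($level == 'admin') {
	print("<th>Drop</th>");
	print("<th>Edit</th>");
      }
      $where = ($filter_sql !== null) ? $filter_sql : $not_libya;
    }
    else if ($level == 'clinic') {
      print("<th>Edit</th>");
      $department = mysql_real_escape_string((string) unitRename($_SESSION['department']));
      $scope = "(unit='$department' OR outpatient_of='$department') AND ($not_libya)";
      $where = ($filter_sql !== null) ? "$filter_sql AND $scope" : $scope;
    }
    if ($where !== null) {
      $result = mysql_query("SELECT $columns FROM PATIENTS WHERE $where ORDER BY unit ASC; ");
    }

    // The "ahref" attribute name is kept as it was: these header links are inert.
    print("<th id=\"sn\"><a ahref=\"showrequest.php?req=&filter=req_id\">S/N</a></th>
	    <th id=\"name\"><a ahref=\"showrequest.php?req=&filter=name\">Full name</a></th>
	    <th id=\"pass_num\"><a ahref=\"showrequest.php?req=&filter=pass_num\">Passport</a></th>
	    <th id=\"pass_num\"><a ahref=\"showrequest.php?req=&filter=pass_num\">DOB</a></th>
	    <th id=\"med_unit\"><a ahref=\"showrequest.php?req=&filter=med_unit\">Unit</a></th>
	    <th id=\"addm_num\"><a ahref=\"showrequest.php?req=&filter=addm_num\">Location</a></th>
	    <th id=\"pat_code\"><a ahref=\"showrequest.php?req=&filter=pat_code\">Outpatient of:</a></th>
	    <th id=\"doc_name\"><a ahref=\"showrequest.php?req=&filter=doc_name\">Status</a></th>
	    <th id=\"request\"><a ahref=\"showrequest.php?req=&filter=request\">Arrival Date</a></th>
	    <th id=\"est_cost\"><a ahref=\"showrequest.php?req=&filter=est_cost\">Visa expiration date</a></th>
	    <th id=\"est_cost\"><a ahref=\"showrequest.php?req=&filter=est_cost\">Departed On</a></th>
	    <th id=\"notes\"><a ahref=\"showrequest.php?req=&filter=notes\">Notes</a></th></tr>");

    $count = 1;
    while ($result && ($rows = mysql_fetch_array($result))) {
      $id = htmlspecialchars((string) $rows['pat_id'], ENT_QUOTES, 'UTF-8');
      // mysql_fetch_array() returns each column twice (numeric key, then name),
      // so the name of column $i sits at position $i*2+1 of the key list.
      $array = array_keys($rows);
      $color = ($count % 2 == 0) ? "datacellone" : "datacelltwo";

      if ($level == "admin"){
	print("<span class=\"delete_btn\"><tr id=\"$id\" class=\"$color edit_tr\">\n");
	print("<td id=\"del-btn-$id\"><img src=\"./files/img/b_drop.png\"><input type=\"text\" name=\"checkbox[]\" value=\"$id\" id=\"$count\" class=\"editbox\"></input></td>\n");
 	print("<td id=\"edit-btn-$id\"><img src=\"./files/img/b_edit.png\"></td>\n");
      }
      else if ($level == "clinic") {
	// Clinic rows are editable too, but have no delete button.
	print("<tr id=\"$id\" class=\"$color edit_tr\">\n");
	print("<td id=\"edit-btn-$id\"><img src=\"./files/img/b_edit.png\"></td>\n");
      }
      else {
	print("<tr class=\"$color no_edit_tr\">\n");
      }
      print("<td><span id=\"serial-number-$id\" class=\"sn\">$count</span></td>");
      // The first 11 selected columns are shown; pat_id (the 12th) is not.
      for ($i = 0; $i < 11; $i++) {
	$temp = $array[$i*2+1];
	$cell = htmlspecialchars((string) $rows[$i], ENT_QUOTES, 'UTF-8');
	print("<td id=\"\">");
	print("<span id=\"$temp-$id\" class=\"text\">$cell</span>");
	print("<input type=\"text\" value=\"$cell\" class=\"editbox\" id=\"$temp-input-$id\" size=4></input></td>\n");
      }//end of for
      $count++;
      print("</tr>\n");
    }//end of while
    return $count;
}// end of showOnomastikoDaily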

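// Update one PATIENTS row (selected by the posted patient_id) and, when the
// patient's unit or outpatient_of differs from an existing HISTORY entry for
// that patient, append one HISTORY row recording the new placement.
//
// Fixes:
//  - the handler had no session check at all; it now requires the "admin" or
//    "clinic" level, the two levels that showOnomastikoDaily gives an edit
//    button to;
//  - posted values are escaped with mysql_real_escape_string() (raw
//    interpolation allowed SQL injection);
//  - the UPDATE result was only checked when mysql_num_rows() of that boolean
//    result equalled 1, which never holds, so failures were ignored; it is now
//    checked directly, before any history is written;
//  - the HISTORY loop overwrote its own result handle with the INSERT result,
//    which ended the loop after the first insert; the insert now uses its own
//    variable and the loop stops explicitly after one insert.
// NOTE(review): $pass_num and $date_of_change were never assigned, so HISTORY
// rows have always been written with empty values for both; they are set to ''
// explicitly here. Confirm where these values should come from.
// NOTE(review): a clinic account can edit any patient id, not only patients of
// its own department — confirm whether that is intended.
// NOTE(review): on failure the database error text is sent to the client.
function editPatient() {
  if (!isset($_SESSION['level']) || ($_SESSION['level'] != "admin" && $_SESSION['level'] != "clinic")) return;

  $post = array();
  foreach (array('patient_id', 'notes', 'departed', 'unit', 'location', 'outpatient_of') as $key) {
    $post[$key] = mysql_real_escape_string(isset($_POST[$key]) ? (string) $_POST[$key] : '');
  }
  $pat_id = $post['patient_id'];
  $notes = $post['notes'];
  $departed = $post['departed'];
  $unit = $post['unit'];
  $location = $post['location'];
  $outpatient_of = $post['outpatient_of'];
  $pass_num = '';
  $date_of_change = '';

  $query = mysql_query("UPDATE PATIENTS SET unit='$unit', location='$location', outpatient_of='$outpatient_of', departed='$departed', notes='$notes' WHERE pat_id='$pat_id';");
  if (!$query) {
    die('Invalid UPDATE query: ' . mysql_error());
  }

  // Compare against the raw posted values: the escaped copies are for SQL only.
  $raw_unit = isset($_POST['unit']) ? (string) $_POST['unit'] : '';
  $raw_outpatient_of = isset($_POST['outpatient_of']) ? (string) $_POST['outpatient_of'] : '';

  $history = mysql_query("SELECT med_unit, outpatient_of FROM HISTORY WHERE pat_id='$pat_id'");
  while ($history && ($rows = mysql_fetch_array($history))) {
    if ($rows[0] != $raw_unit || $rows[1] != $raw_outpatient_of) {
      // Keep track of the patient's placement history.
      $insert = mysql_query("INSERT INTO HISTORY(
	pat_id,
	pass_num,
	date_of_change,
	med_unit,
	outpatient_of )
      VALUES (
	'$pat_id', 
	'$pass_num', 
	'$date_of_change', 
	'$unit',
	'$outpatient_of'
      )");
      if (!$insert) {
	die('Invalid INSERT query: ' . mysql_error());
      }
      break;
    }
  }// end of while
}//end of editPatient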

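  // Check the posted username/password against USERS and, on a single match,
  // populate the session (user, pass, level, department, email) and redirect to
  // index.php. On failure a script block is emitted that shows an alert and
  // sends the browser back to login.php.
  //
  // Fixes:
  //  - the username is escaped with mysql_real_escape_string() before it enters
  //    the SELECT; htmlspecialchars() is an HTML encoder, not a SQL escape, so
  //    the query was injectable. The htmlspecialchars() call itself is kept
  //    because createUser stores usernames in that encoded form;
  //  - the session id is regenerated on successful login so that an id fixed
  //    before authentication is not carried into the logged-in session;
  //  - the script stops after sending the redirect, so nothing else runs or is
  //    rendered for this request;
  //  - a failed query no longer feeds a non-result into mysql_num_rows().
  // NOTE(review): passwords are compared as unsalted SHA-1 digests. Moving to
  // password_hash()/password_verify() needs a data migration and is not done
  // here.
  // NOTE(review): the password digest is kept in $_SESSION["pass"]; it is left
  // in place in case other pages read it — confirm and remove if unused.
  function loginUser(){
    $posted_user = isset($_POST['username']) ? (string) $_POST['username'] : '';
    $current_pass = isset($_POST['password']) ? (string) $_POST['password'] : '';
    $current_user = htmlspecialchars($posted_user);
    // sha1() returns hex digits only, so the digest is safe to embed as is.
    $current_pass_enc = sha1($current_pass);
    $sql_user = mysql_real_escape_string($current_user);
    $query = mysql_query("SELECT level, department, email FROM USERS WHERE username = '$sql_user' AND password = '$current_pass_enc'");
    $count = $query ? mysql_num_rows($query) : 0;

    if ($count == 1){
      $level = mysql_fetch_row($query);
      session_regenerate_id(true);
      $_SESSION["user"] = $current_user;
      $_SESSION["pass"] = $current_pass_enc;
      $_SESSION["level"] = $level[0];
      $_SESSION["department"] = $level[1];
      $_SESSION["email"] = $level[2];

      // Every level lands on the same page.
      header("location:index.php");
      exit;
    }//end of if

    else {
    ?>
    <script type = text/javascript>
      alert ("Sorry, I couldn't validate your username/password.");
      window.location.href = "login.php";
    </script>
    <?php
    }//end of else
  }//end of loginUser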

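// Create a USERS row from the posted form (username, password, email,
// department, level) unless the username is already taken, and report the
// outcome through a script block that alerts and returns to createuser.php.
//
// Fixes:
//  - the handler had no session check, so any request carrying
//    submit_new_user could create an account with a level of its choosing,
//    including "admin"; it now requires the "admin" session level, like the
//    other state-changing handlers in this file;
//  - all posted values are escaped with mysql_real_escape_string() before they
//    enter the SELECT and the INSERT (raw interpolation allowed SQL injection;
//    htmlspecialchars() on the username is not a SQL escape).
// NOTE(review): the posted level is stored as given; the levels visible in this
// file are admin, user and clinic — consider restricting to the known set.
// NOTE(review): passwords are stored as unsalted SHA-1 digests. Moving to
// password_hash()/password_verify() needs a data migration and is not done
// here.
// NOTE(review): on failure the database error text is sent to the client.
function createUser() {
  if (!isset($_SESSION["level"]) || $_SESSION["level"] != "admin") return;

  $new_user = htmlspecialchars(isset($_POST['username']) ? (string) $_POST['username'] : '');
  $new_pass = isset($_POST['password']) ? (string) $_POST['password'] : '';
  // sha1() returns hex digits only, so the digest is safe to embed as is.
  $new_pass_enc = sha1($new_pass);
  $sql_user = mysql_real_escape_string($new_user);
  $email = mysql_real_escape_string(isset($_POST['email']) ? (string) $_POST['email'] : '');
  $department = mysql_real_escape_string(isset($_POST['department']) ? (string) $_POST['department'] : '');
  $level = mysql_real_escape_string(isset($_POST['level']) ? (string) $_POST['level'] : '');

  $query = mysql_query("SELECT username FROM USERS WHERE username = '$sql_user'");
  $count = mysql_num_rows($query);

  if ($count != 0) {
    print("<script type = text/javascript>
	    alert (\"Sorry, This username is already taken.\");
	    window.location.href = \"createuser.php\";
	  </script>");
    return;
  }

  $query = mysql_query("INSERT INTO USERS (username, password, email, department, level) 
			  VALUES ('$sql_user', '$new_pass_enc', '$email', '$department', '$level');");
  if (!$query) {
    die('Invalid INSERT query: ' . mysql_error());
  }
  print("<script type = text/javascript>
	    alert (\"The account has succesfully been created.\");
	    window.location.href = \"createuser.php\";</script>");
}//end of createuser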

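// Change a user's password. The posted username must be the logged-in user, or
// the session level must be "admin"; in both cases the posted current password
// must match the stored one for that username. The outcome is reported through
// a script block that alerts and returns to changepassword.php.
//
// Fixes:
//  - the posted username is escaped with mysql_real_escape_string() before it
//    enters the SELECT and the UPDATE (it was interpolated raw, which allowed
//    SQL injection);
//  - the ownership and level checks use strict comparison; with == two
//    different numeric-looking usernames (for example "1e3" and "1000")
//    compare as equal;
//  - missing POST fields or an absent session no longer raise notices;
//  - the failure message says UPDATE rather than INSERT.
// NOTE(review): passwords are stored as unsalted SHA-1 digests. Moving to
// password_hash()/password_verify() needs a data migration and is not done
// here.
// NOTE(review): on failure the database error text is sent to the client.
function changePassword() {
  $current_password = isset($_POST['current_password']) ? (string) $_POST['current_password'] : '';
  $new_password = isset($_POST['new_password']) ? (string) $_POST['new_password'] : '';
  $user = isset($_POST['username']) ? (string) $_POST['username'] : '';
  // sha1() returns hex digits only, so the digests are safe to embed as they are.
  $current_password_enc = sha1($current_password);
  $enc_password = sha1($new_password);

  $session_user = isset($_SESSION['user']) ? (string) $_SESSION['user'] : null;
  $session_level = isset($_SESSION['level']) ? (string) $_SESSION['level'] : null;

  if ($user !== $session_user && $session_level !== "admin") {
	print("<script type = text/javascript>
	      alert (\"You don't have the permission to change this user's password.\");
	      window.location.href = \"changepassword.php\";</script>");
    return;
  }

  $sql_user = mysql_real_escape_string($user);
  $check = mysql_query("SELECT username FROM USERS WHERE password='$current_password_enc' AND username='$sql_user'");
  $count = $check ? mysql_num_rows($check) : 0;
  if ($count != 1) {
	print("<script type = text/javascript>
	      alert (\"The current password you entered is wrong.\");
	      window.location.href = \"changepassword.php\";</script>");
    return;
  }

  $query = mysql_query("UPDATE USERS SET password='$enc_password' WHERE username='$sql_user'");
  if (!$query) {
    die('Invalid UPDATE query: ' . mysql_error());
  }
  print("<script type = text/javascript>
	      alert (\"The password has been succesfully changed.\");
	      window.location.href = \"changepassword.php\";</script>");
}// end changePassword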

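// Print the header row and one table row per contact (or per hotel when
// $location is "hotels"), and return the number of rows printed.
//
//   $location  contact group to list; "hotels" switches to the HOTELS table
//   $unit      optional unit to restrict contacts to
//   $filter    optional column to sort contacts by (default: location)
//
// The "admin" session level additionally gets Delete/Edit columns.
//
// Fixes:
//  - $location and $unit are escaped with mysql_real_escape_string(), and
//    $filter, which is used as a column name in ORDER BY, must be one of the
//    CONTACTS columns used elsewhere in this file (otherwise the default sort
//    applies); all three were interpolated raw, which allowed SQL injection;
//  - every value echoed into the page is HTML-escaped and $location is
//    URL-encoded inside the header links;
//  - the header that was repeated in four branches is printed from one place;
//  - the second, unmatched </td> after each cell is no longer emitted;
//  - rows without a con_id or with fewer columns than expected (the HOTELS
//    case) no longer raise notices.
// Assumes the pages are served as UTF-8 — confirm against the site's charset.
function showContacts($location, $unit, $filter) {
  $is_admin = isset($_SESSION['level']) && $_SESSION['level'] == 'admin';
  $contact = urlencode((string) $location);

  print("<br>");
  print("<tr class=\"bold\">");
  if ($is_admin) {
    print("<th>Delete</th>");
    print("<th>Edit</th>");
  }

  if ($location != "hotels") {
    // The "ahref" attribute name is kept as it was: these header links are inert.
    print("
	    <th id=\"name\"><a ahref=\"showcontacts.php?contact=$contact&filter=name\">Ονοματεπώνυμο</a></th>
	    <th id=\"phone_num_1\"><a ahref=\"showcontacts.php?contact=$contact&filter=phone_num_1\">Τηλέφωνο 1</a></th>
	    <th id=\"phone_num_2\"><a ahref=\"showcontacts.php?contact=$contact&filter=phone_num_2\">Τηλέφωνο 2</a></th>
	    <th id=\"mobile_num\"><a ahref=\"showcontacts.php?contact=$contact&filter=mobile_num\">Κινητό</a></th>
	    <th id=\"email\"><a ahref=\"showcontacts.php?contact=$contact&filter=email\">email</a></th>
	    <th id=\"location\"><a ahref=\"showcontacts.php?contact=$contact&filter=location\">Κλινική/Ξενοδοχείο</a></th></tr>");

    // Identifiers cannot be escaped like values, so only known column names pass.
    $sortable = array('con_id', 'name', 'phone_num_1', 'phone_num_2', 'mobile_num', 'email', 'unit', 'location');
    $order = ($filter != null && in_array($filter, $sortable, true)) ? $filter : 'location';

    $where = "location='" . mysql_real_escape_string((string) $location) . "'";
    if ($unit != null) {
      $where .= " AND unit='" . mysql_real_escape_string((string) $unit) . "'";
    }
    $result = mysql_query("SELECT * FROM CONTACTS WHERE $where ORDER BY $order ASC; ");
  }
  // Only for hotels
  else {
    print("
	  <th><a href=\"showcontacts.php?contact=$contact&filter=name\">Ξενοδοχείο</a></th>
	  <th><a href=\"showcontacts.php?contact=$contact&filter=phone_num_1\">Τηλέφωνο</a></th>
	  <th><a href=\"showcontacts.php?contact=$contact&filter=phone_num_2\">FAX</a></th>
	  <th><a href=\"showcontacts.php?contact=$contact&filter=email\">Διεύθυνση</a></th>
	  <th><a href=\"showcontacts.php?contact=$contact&filter=mobile_num\">email</a></th>");
    $result = mysql_query("SELECT * FROM HOTELS ORDER BY name ASC; ");
  }

  $count = 0;
  while ($result && ($rows = mysql_fetch_array($result))) {
    $id = htmlspecialchars(isset($rows['con_id']) ? (string) $rows['con_id'] : '', ENT_QUOTES, 'UTF-8');
    $first = htmlspecialchars((string) $rows[0], ENT_QUOTES, 'UTF-8');
    // mysql_fetch_array() returns each column twice (numeric key, then name),
    // so the name of column $i sits at position $i*2+1 of the key list.
    $array = array_keys($rows);
    $color = ($count % 2 == 0) ? "datacellone" : "datacelltwo";

    if ($is_admin) {
      print("<span class=\"delete_btn\"><tr id=\"$id\" class=\"$color edit_tr\">\n");
      print("<td id=\"del-btn-$first\"><img src=\"./files/img/b_drop.png\"></td>\n");
      print("<td id=\"edit-btn-$first\"><img src=\"./files/img/b_edit.png\"></td>\n");
    }
    else {
      print("<tr class=\"$color no_edit_tr\">\n");
    }
    // Column 0 is skipped; columns 1..6 are shown.
    for ($i = 1; $i < 7; $i++) {
      $temp = isset($array[$i*2+1]) ? $array[$i*2+1] : '';
      $cell = htmlspecialchars(isset($rows[$i]) ? (string) $rows[$i] : '', ENT_QUOTES, 'UTF-8');
      print("<td id=\"\">");
      if ($i == 5) {
	// Column 5 is rendered as a mailto link.
	print("<span id=\"$temp-$id\" class=\"text\"><a href=\"mailto:$cell\">$cell</a></span>");
      }
      else {
	print("<span id=\"$temp-$id\" class=\"text\">$cell</span>");
      }
      print("<input type=\"text\" value=\"$cell\" class=\"editbox\" id=\"$temp-input-$id\" size=10></input></td>\n");
    }//end of for
    $count++;
    print("</tr>\n");
  }//end of while
  return $count;
}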

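/**
 * Prints the daily occupancy report: inpatient and outpatient counts per unit,
 * resident counts per hotel, and the totals labelled A1, A2 and A3.
 *
 * The first chunk echoed here emits two header rows and a closing </table>
 * before opening <table id="dailyreport">, so the caller is expected to have
 * an outer table open already; the "dailyreport" table is left open on return.
 *
 * Reads UNITS, HOTELS and PATIENTS through the legacy mysql_* API and writes
 * HTML straight to the response. Returns nothing.
 */
function showDaily() {
  $unit = mysql_query("SELECT DISTINCT latin_name FROM UNITS WHERE not_unit='yes'");
  $hotels = mysql_query("SELECT DISTINCT name FROM HOTELS WHERE name != 'MET HOTEL'");
  $inpatients_sum = 0;
  $outpatients_sum = 0;
  $residents_sum = 0;
  print("<br>");
  $d = date("j/n/Y");
  // The two column headings used to be closed with </td>; they are <th> cells.
  echo "
  <tr><td></td><th style=\"text-align: center;\"><span>LIBYAN PEOPLE IN EUROMEDICA</span></th></tr>
  <tr><td></td><th style=\"text-align: center;\">$d</th></tr></table>
  <table id=\"dailyreport\">
  <tr>
    <th style=\"text-align: left;\">INPATIENTS</th>
    <td></td>
    <th style=\"text-align: left;\">OUTPATIENTS</th>
    <td></td>
  </tr>";

  // --- Section A1/A2: one row per unit -------------------------------------
  $i = 0;
  while ($rows = mysql_fetch_array($unit)) {
    $color = ($i % 2 == 0) ? "datacellone" : "datacelltwo";
    $row = unitRename($rows[0]);

    // Names read back from the database are still data. Each output context
    // gets its own encoding so a quote, ampersand or angle bracket stored in a
    // name can neither break the COUNT queries nor alter the page markup.
    // mysql_real_escape_string() uses the connection opened elsewhere in the
    // application (db_connection.php is included at the top of this file).
    $row_sql = mysql_real_escape_string($row);
    $row_url = urlencode($row);
    // NOTE(review): assumes stored text is UTF-8, like this file's own
    // literals. Confirm against the connection charset.
    $row_html = htmlspecialchars((string) $row, ENT_QUOTES, 'UTF-8');

    $in_row = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM PATIENTS WHERE unit='$row_sql'"));
    $out_row = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM PATIENTS WHERE outpatient_of='$row_sql'"));
    $inpatient = $in_row[0];
    $outpatient = $out_row[0];
    $inpatients_sum += $inpatient;
    $outpatients_sum += $outpatient;
    echo "<tr class=\"$color\">
	      <td style=\"text-align: left;\"><a href=\"onomastikodaily.php?field=unit&filter=$row_url\" target=\"_blank\">$row_html</a></td>
	      <td style=\"text-align: left;\">$inpatient</td>
	      <td style=\"text-align: left;\"><a href=\"onomastikodaily.php?field=outpatient_of&filter=$row_url\" target=\"_blank\">$row_html</a></td>
	      <td style=\"text-align: left;\">$outpatient</td></tr>";
    $i++;
  }// end of while
  echo "<tr style=\"text-align: left; color: red; background: #eee;\"><th>TOTAL (A1)</th><th>$inpatients_sum</th><th>TOTAL (A2)</th><th>$outpatients_sum</th></tr>";
  echo "<tr><td></td></tr>";
  echo "<tr style=\"text-align: left;\"><th>HOTEL RESIDENTS</th></tr>";

  // --- Section A3: one row per hotel that currently has residents ----------
  // $i only advances for printed rows, so the stripe colours alternate over
  // the visible rows rather than over every hotel in the table.
  $i = 0;
  while ($rows = mysql_fetch_array($hotels)) {
    $color = ($i % 2 == 0) ? "datacellone" : "datacelltwo";
    $hotel = $rows[0];
    $hotel_sql = mysql_real_escape_string($hotel);
    $hotel_url = urlencode($hotel);
    $hotel_html = htmlspecialchars((string) $hotel, ENT_QUOTES, 'UTF-8');

    $count_row = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM PATIENTS WHERE unit='$hotel_sql' AND location != 'OFF EUROMEDICA'"));
    $resident = $count_row[0];
    $residents_sum += $resident;
    if ($resident != 0) {
      echo "<tr class=\"$color\"><td style=\"text-align: left;\"><a href=\"onomastikodaily.php?field=unit&filter=$hotel_url\" target=\"_blank\">$hotel_html</a></td>
	      <td style=\"text-align: left;\">$resident</td></tr>";
      $i++;
    } //end of if
  }// end of while

  $patients_total = $inpatients_sum + $outpatients_sum;
  $libyans_total = $inpatients_sum + $residents_sum;
  echo "<tr style=\"text-align: left; color: red; background: #eee;\"><th>TOTAL (A3)</th><th>$residents_sum</th></tr>";
  echo "<tr><td></td></tr>";
  echo "<tr style=\"text-align: left; color: red; background: #eee;\"><th>PATIENTS TOTAL (A1+A2)</th><th>$patients_total</th></tr>";
  echo "<tr style=\"text-align: left; color: red; background: #eee;\"><th>LYBIANS TOTAL (A1+A3)</th><th>$libyans_total</th></tr>";
}//end of showDaily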


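/**
 * Handles the contact form: mails the posted subject and message to the site
 * mailbox through PHP's mail() and sends a redirect back to contact.php.
 *
 * Reads $_SESSION['email'] (sender), $_POST['subject'] and $_POST['message'].
 * Returns nothing.
 */
function checkSpam() {
  // Mailbox that receives every contact-form message.
  $recipient = "irtsoup@gmail.com";

  // An SMTP host, port and account password used to sit here as unused locals,
  // feeding only a commented-out PEAR Mail attempt. They are gone from the
  // code path; since the password appeared in plain text in this file it
  // should be treated as exposed and changed. If SMTP auth is ever wired in,
  // its settings belong in configuration kept out of the source tree.

  // mail() places the subject and extra headers on header lines of their own,
  // so a CR or LF inside either value would let the submitter append headers.
  // Strip line breaks from every value that ends up in a header.
  $line_breaks = array("\r", "\n");
  $from = isset($_SESSION['email']) ? str_replace($line_breaks, '', (string) $_SESSION['email']) : '';
  $subject = isset($_POST['subject']) ? str_replace($line_breaks, '', (string) $_POST['subject']) : '';
  // The body may legitimately contain line breaks and is passed unchanged.
  $message = isset($_POST['message']) ? (string) $_POST['message'] : '';

  // The literal "Subject: " prefix is kept from the original call and becomes
  // part of the subject text.
  mail($recipient, "Subject: $subject", $message, "From: $from");

  // Nothing ends the request after this header, so the including page keeps
  // executing once this function returns.
  header("location:contact.php");
}// end of checkSpam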


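/**
 * Prints four table rows (name, phone, fax, address) for one unit.
 *
 * Looks the unit up in UNITS by latin_name and echoes columns 1..4 of the
 * fetched row; column 0 is used as the row's HTML id. When the session level
 * is "admin" each value is also rendered in an editable text input.
 *
 * @param mixed $unit value matched against UNITS.latin_name; nothing is
 *                    printed when it compares loosely equal to null
 */
function showUnitInfo($unit) {
  if ($unit != null) {
    // $unit lands inside a quoted SQL literal, so escape it for the legacy
    // mysql_* API (which has no bound parameters). This relies on the
    // connection opened elsewhere in the application.
    $unit_sql = mysql_real_escape_string($unit);
    $query = mysql_query("SELECT * FROM UNITS WHERE latin_name='$unit_sql';");
    $rows = mysql_fetch_row($query);
    $labels = array(1 => "Όνομα", 2 => "Τηλέφωνο", 3 => "Fax", 4 => "Διεύθυνση");
    $slugs = array(1 => "unit-name", 2 => "phone", 3 => "fax", 4 => "address");

    $is_admin = isset($_SESSION['level']) && $_SESSION['level'] == "admin";
    // Stored values are echoed into element text and into attribute values, so
    // encode quotes as well as angle brackets.
    // NOTE(review): assumes stored text is UTF-8 like the labels above.
    // Confirm against the connection charset.
    $row_id = htmlspecialchars((string) $rows[0], ENT_QUOTES, 'UTF-8');

    for($i = 1; $i < 5; $i++) {
      // Same striping as before: odd rows "datacelltwo", even rows "datacellone".
      $color = ($i % 2 == 0) ? "datacellone" : "datacelltwo";
      $label = $labels[$i];
      $slug = $slugs[$i];
      $value = htmlspecialchars((string) $rows[$i], ENT_QUOTES, 'UTF-8');
      if ($is_admin){
	echo "<tr id=\"{$row_id}\" class=\"$color edit_team\"><td style=\"text-align:left; width:100px;\">$label</td><td style=\"text-align:left;\"><span id=\"{$slug}-{$row_id}\" class=\"text\">$value</span>
			    <input type=\"text\" value=\"$value\" class=\"editbox\" id=\"{$slug}-input-{$row_id}\" ></input></td></tr>\n";
      }//end of if
      else {
	echo "<tr id=\"{$row_id}\" class=\"$color\"><td style=\"text-align:left;\">$label</td><td style=\"text-align:left;\"><span>$value</span></td></tr>\n";
      }
    }//end of for
  } // end of if
}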

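/**
 * Prints an <img> tag whose src is the url column stored for the given unit.
 *
 * @param mixed $unit value matched against UNITS.latin_name
 */
function showLogo($unit) {
  // $unit is interpolated into a quoted SQL literal; escape it for the legacy
  // mysql_* API, which offers no bound parameters. This relies on the
  // connection opened elsewhere in the application.
  $unit_sql = mysql_real_escape_string($unit);
  $query = mysql_query("SELECT url FROM UNITS WHERE latin_name='$unit_sql';");
  $rows = mysql_fetch_array($query);
  // Encode for the attribute context so a quote in the stored value cannot
  // close src="..." early. This does not validate where the URL points.
  $url = htmlspecialchars((string) $rows['url'], ENT_QUOTES, 'UTF-8');
  echo "<img src=\"$url\" >";
}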

/**
 * Prints the left-hand navigation menu (<div id="menu"> ... </div>).
 *
 * The menu is only presentation: hiding an entry here does not restrict the
 * page it links to, so each target page still has to check the session level
 * on its own.
 *
 * @param mixed $level access level; "admin" and "user" get the daily report
 *                     link, "admin" gets the full Administer submenu, and a
 *                     value loosely equal to "" gets Login instead of Logout
 * @param mixed $user  accepted for callers but not read by this function
 */
function showLeftPanel($level, $user) {
  // Decide once which optional parts of the menu this visitor gets.
  $is_admin = ($level == "admin");
  $sees_daily_report = ($is_admin || $level == "user");
  $logged_out = ($level == "");

  // Fixed top of the menu: home and the contact-list tree.
  echo "<div id=\"menu\" class=\"curvy1\"> 
      <ul class=\"level1\">
	<li><a href=\"index.php\">Home</a></li>
	<li><a href=\"showcontacts.php\">Contact Lists</a>
	  <ul>
	    <li><a href=\"showcontacts.php?contact=clinics\" class=\"requests\" id=\"approved\">Κλινικές</a>
	      <ul>
		<li><a href=\"showcontacts.php?contact=clinics&unit=geniki\" class=\"requests\" id=\"approved\">ΓΕΝΙΚΗ</a></li>
		<li><a href=\"showcontacts.php?contact=clinics&unit=kianous\" class=\"requests\" id=\"approved\">ΚΥΑΝΟΥΣ ΣΤΑΥΡΟΣ</a></li>
		<li><a href=\"showcontacts.php?contact=clinics&unit=kentriki\" class=\"requests\" id=\"approved\">ΚΕΝΤΡΙΚΗ</a></li>
		<li><a href=\"showcontacts.php?contact=clinics&unit=arogi\" class=\"requests\" id=\"approved\">ΑΡΩΓΗ</a></li>
		<li><a href=\"showcontacts.php?contact=clinics&unit=arogi_larisa\" class=\"requests\" id=\"approved\">ΑΡΩΓΗ ΘΕΣΣΑΛΙΑΣ</a></li>
		<li><a href=\"showcontacts.php?contact=clinics&unit=theotokos\" class=\"requests\" id=\"approved\">ΘΕΟΤΟΚΟΣ</a></li>
		<li><a href=\"showcontacts.php?contact=clinics&unit=zoodochos\" class=\"requests\" id=\"approved\">ΖΩΟΔΟΧΟΣ ΠΗΓΗ</a></li>
		<li><a href=\"showcontacts.php?contact=clinics&unit=rhodes\" class=\"requests\" id=\"approved\">ΓΕΝΙΚΗ ΔΩΔΕΚΑΝΗΣΟΥ</a></li>
	      </ul>
	    </li>
	    <li><a href=\"showcontacts.php?contact=central\" class=\"requests\" id=\"rejected\">Κεντρικά</a></li>
	    <li><a href=\"showcontacts.php?contact=hotels\" class=\"requests\" id=\"ready\">Ξενοδοχεία</a></li>
	    <li><a href=\"showcontacts.php?contact=embassies\" class=\"requests\" id=\"pending\">Πρεσβείες</a></li>
	    <li><a href=\"showcontacts.php?contact=misc\" class=\"requests\" id=\"misc\">Διάφορα</a></li>
	    <li><a href=\"showcontacts.php?contact=misc&unit=datadesign\" class=\"requests\" id=\"misc\">Data Design</a></li>
	  </ul>
	</li>";

  // Daily report link: signed-in "admin" and "user" levels only.
  if ($sees_daily_report) {
    echo "
	<li><a href=\"showdaily.php\">Daily report</a></li>";
  }

  // Named daily report and the request queues are printed for every level.
  echo "
	<li><a href=\"onomastikodaily.php\">Ονομαστικό Daily Report</a></li>
	<li><a href=\"#\">Requests for approval</a>
	  <ul>
	    <li><a href=\"showrequest.php?req=approved\" class=\"requests\" id=\"approved\">Approved</a></li>
	    <li><a href=\"showrequest.php?req=rejected\" class=\"requests\" id=\"rejected\">Rejected</a></li>
	    <li><a href=\"showrequest.php?req=ready\" class=\"requests\" id=\"ready\">Ready</a></li>
	    <li><a href=\"showrequest.php?req=pending\" class=\"requests\" id=\"pending\">Pending</a></li>
	    <li><a href=\"showrequest.php?req=misc\" class=\"requests\" id=\"misc\">Misc</a></li>
	  </ul>
	</li>";

  // Administer submenu: full set for admins, password change only otherwise.
  if ($is_admin) {
    $administer_menu = "<li><a href=\"#\">Administer</a>
		  <ul>
		    <li><a href=\"admin.php\">Insert Requests</a></li>
		    <li><a href=\"admin2.php\">Insert Patients</a></li>
		    <li><a href=\"createuser.php\">Create User</a></li>
		    <li><a href=\"changepassword.php\">Change User Password</a></li>
		  </ul>
		</li>";
  }
  else {
    $administer_menu = "<li><a href=\"#\">Administer</a>
		  <ul>
		    <li><a href=\"changepassword.php\">Change User Password</a></li>
		  </ul>
		</li>";
  }
  echo $administer_menu;

  echo "<li><a href=\"contact.php\">Contact</a></li>";

  // The session link flips between Login and Logout on an empty level.
  echo $logged_out
    ? "<li><a class=\"fly\" href=\"./login.php\">Login</a>"
    : "<li><a class=\"fly\" href=\"./logout.php\">Logout</a>";

  echo "</ul></div><!--END of menu-->";
}

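/**
 * Prints the greeting and session links for the signed-in user.
 *
 * Reads $_SESSION["user"] and $_SESSION["level"]. Prints nothing when no user
 * is stored in the session. Admins get an extra link to admin.php.
 */
function showRightPanel() {
  if (!isset($_SESSION["user"])) {
    return;
  }

  // The user name is account data, not markup: encode it before it reaches
  // the page so a name containing HTML is displayed rather than interpreted.
  // NOTE(review): assumes the stored name is UTF-8 like this file's literals.
  // Confirm against how the login code fills the session.
  $user = htmlspecialchars((string) $_SESSION["user"], ENT_QUOTES, 'UTF-8');
  $is_admin = isset($_SESSION["level"]) && $_SESSION["level"] == "admin";

  echo "<p>Γεια χαρά, $user !</p>";
  if ($is_admin) {
    echo "<p><a href=\"./admin.php\">Administer</a></p>";
    echo "<p><a href=\"./logout.php\">Logout</a></p>";
  }
  else {
    echo "<p><a href=\"./logout.php\">Αποσύνδεση</a></p>";
  }
}// end of showRightPanel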

/**
 * Prints the static page footer (<div id="footer_div">) with the author credit.
 * Takes no input and returns nothing.
 */
function showFooter() {
  // One entry per output line; the leading empty entry reproduces the line
  // break that precedes the <div>.
  $footer_lines = array(
    '',
    '  <div id="footer_div">',
    '    <p>Designed, developed and maintained ',
    '    <p>by Iraklis Tsoupouroglou',
    '  </div>',
  );
  print(implode("\n", $footer_lines));
} // end of showFooter